Issued:
2010-03-30
Updated:
2010-03-30

RHBA-2010:0266 - Bug Fix Advisory

Synopsis

cman bug-fix and feature update

Type/Severity

Bug Fix Advisory

Topic

Updated cman packages that fix bugs and provide new features are now
available.

Description

The Cluster Manager (cman) utility provides user-level services for
managing a Linux cluster.

This update provides the following updates & fixes:

  • fence_rsa fails to login with new RSA II firmware (549473)
  • fence_virsh reports vm status incorrectly (544664)
  • Improve error messages from ccsd if there is a network problem (517399)
  • New fence agent for VMWare (TechPreview) (548577)
  • Fence agent for HP iLO2 MP (508722)
  • Fence agent for RSB ends with traceback (545054)
  • Security feature for SNMP based agent: apc_snmp & ibmblade (532922)
  • Change default timeout values for various fence agents (549124)
  • Version is not shown in several fence agents (549124)
  • cman: automatically configure consensus based on token timeout (544482)
  • Add readconfig & dumpconfig to fence_tool (514662)
  • Make groupd handle partition merges (546082)
  • groupd: clean up leaving failed node (521817)
  • scsi_reserve should always echo after failure (514260)
  • scsi_reserve should handle multipath with partitions (516625)
  • fence_scsi_test: add debug information (516763)
  • fence_scsi_test should not allow -c and -s options together (528832)
  • fence: Fix fence_ipmilan read from unitialized memory (532138)
  • qdiskd: Make qdiskd stop crying wolf (532773)
  • fence: Fencing fails when used without telnet or ssh (512343)
  • fence: APC changed product name (MasterSwitch -> Switched Rack PDU)
    (447481)
  • fence: fix invalid initalization introduced by retry-on option
  • fence: Broken device detection for DRAC3 ERA/O (489809)
  • fence: Fix case sensitivities in action parameter (528938)
  • fence: fencing_snmp fails on all operations & traceback fix (528916)
  • fence: accept unknown options from standard input (532920)
  • fence: fence_apc unable to obtain plug status (532916)
  • fence: timeout options added (507514)
  • fence: better XML generation for metadata (needed for default values)
  • fence: better default timeout for bladecenter
  • fence: retry-on option used in iLO fence agent
  • fence: add missing-as-off option (missing blade/device is always OFF)
    (248006)
  • make qdiskd "master-wins" node work (372901)
  • make qdisk self-fence system if write errors take longer than
    interval*tko (511113)
  • Make service_cman.lcrso executable, so that RPM adds it to the debuginfo
    pkg (511346)
  • Don't check for xm command in cman init script, virsh is more appropriate
    (516111)
  • Allow re-registering of a quorum device (525270)
  • Fix fence_scsi, multipath and persistent reservations (516625)
  • scsi_reserve now handles failures (514260)
  • cman_tool leave remove reduces quorum when no services are connected
    (515446)
  • fence_sanbox2 unable to retrieve status (512947)
  • gfs_controld: GETLK should free unused resource (513285)
  • fence: Allow IP addresses as node names (504158)
  • fence_scsi man page contains invalid option (515731)
  • fence_scsi support for 2 node clusters (516085)
  • Support for power cycle in fence ipmi (482913)
  • Add option 'list devices' for fencing agents (519697)
  • Add support for switching IPv4/IPv6 (520458)
  • Fence agent ends with traceback if option is missing
  • Add option to set port for SSH/telnet
  • Force stdout close for fencing agents (518622)
  • Support for long options (519670)
  • Fix a situation where cman could kill the wrong nodes (513260)
  • Fix support for large numbers of gfs & gfs2 file systems (100+) (561892)
  • Fix a problem where 'dm suspend' would hang a withdrawn GFS file system
    (570530)
  • Fix a problem where fence_snmp could return success when the operation
    failed (573834)

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 248006 - fence_bladecenter fails when blade is not physically present
  • BZ - 372901 - Qdisk without heuristic in a 2-nodes cluster: "master-wins" mode not working properly
  • BZ - 447481 - APC changed product name
  • BZ - 482913 - ipmi fence failed
  • BZ - 489809 - Broken device detection for DRAC3 ERA/O in fence_drac
  • BZ - 496748 - QA_ONLY: Dell iDRAC support with fence_ipmilan
  • BZ - 504158 - fenced doesn't work with IP addresses for node names
  • BZ - 506928 - Fence-Agents: support non-default TCP ports for the different services (SSH, Telnet)
  • BZ - 507514 - fence_ilo fails to reboot, possibly timing problem with ilo2 1.70
  • BZ - 508262 - Fence agents ends with traceback when option is missing
  • BZ - 508722 - fence_ilo will fail against ilo2 device on BL860c with latest ilo2 firmware
  • BZ - 511113 - qdisk does not autoboot/self-fence system if write errors take longer than interval*tko
  • BZ - 511346 - /usr/lib/debug/usr/libexec/lcrso/service_cman.lcrso.debug missing
  • BZ - 512343 - [CRM#1932634] Fencing fails if fence_wti used without telnet
  • BZ - 512947 - fence_sanbox2 unable to retrieve status of fencing
  • BZ - 513260 - Cman kills wrong nodes..
  • BZ - 513285 - fcntl(GETLK) does not free unused resource
  • BZ - 514260 - /etc/init.d/scsi_reserve should produce [FAIL] on failure as it does [ OK ] on success
  • BZ - 515446 - cman_tool leave remove does not reduce quorum
  • BZ - 515731 - fence_scsi man page contains invalid "-s" option
  • BZ - 516085 - fence_scsi: support 2 node clusters
  • BZ - 516111 - Unnecessary check for 'xm' in /etc/init.d/cman, fence_xvmd_enabled() function
  • BZ - 516763 - fence_scsi_test advertises debug option which is not implemented
  • BZ - 517399 - [RFE] - ccsd does not log what IPs are used for binding/sending packets to.
  • BZ - 518622 - Force stdout close for fencing agents in python
  • BZ - 519670 - RFE: Support for long options
  • BZ - 519697 - RFE: List option for fencing agents
  • BZ - 520458 - RFE: IPv6 support for fencing agents
  • BZ - 521817 - groupd dlm:clvmd stuck in LEAVE_STOP_WAIT
  • BZ - 528832 - fence_scsi_test should not allow -c and -s options together
  • BZ - 528938 - Fix case sensitives in action parameter
  • BZ - 532138 - uninitialized variable "method" in fence_ipmilan can cause breakage when trying to fence a node without explicitly specifying a value
  • BZ - 532773 - qdiskd erroneously writes the message "qdiskd: read (system call) has hung for X seconds"
  • BZ - 532916 - fence_apc fails to fence node: Failed: Unable to obtain correct plug status or plug is not available
  • BZ - 532920 - Fence agents should accept unknown options from standard input
  • BZ - 532922 - Security features for SNMP APC, IBM Bladecenter
  • BZ - 544482 - token timeout should be smaller then consensus timeout
  • BZ - 544664 - fence_virsh reports vm status incorrectly
  • BZ - 545054 - Fence agent for RSB ends with traceback
  • BZ - 546082 - groupd stuck by partition merge
  • BZ - 546340 - LOGIN_TIMEOUT too short for fence_lpar
  • BZ - 548577 - fence_vmware update to support vSphere/VirtualCenter integration
  • BZ - 549113 - Option -V is not working with fence agents
  • BZ - 549473 - fence_rsa fails to login with new RSA II firmware
  • BZ - 570530 - cman: gfs_controld dm suspend hangs withdrawn GFS file system
  • BZ - 573834 - SNMP APC agent returns success with bad IP address

CVEs

References

(none)

Red Hat Enterprise Linux Server 5

SRPM
cman-2.0.115-34.el5.src.rpm SHA-256: 2927159670663062e32fbfae57c7f1a6db94e1971617ebc3fdee7fde77a12617
x86_64
cman-2.0.115-34.el5.x86_64.rpm SHA-256: 537c6475d17a82fd431168a14d3d968acb12cde4742fc58cfadb853c25bd0d0c
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e
cman-devel-2.0.115-34.el5.x86_64.rpm SHA-256: deb194e737bb86390a412e49c65c8ebcf23fbb8d6ab08bb47c051c231ccba49a
ia64
cman-2.0.115-34.el5.ia64.rpm SHA-256: ef952375f14dbbd311d8fb81276cc350aa97b701cfca41fb573e00a73c26da20
cman-devel-2.0.115-34.el5.ia64.rpm SHA-256: d3bd6c97c45fe13513ec6839e872db8056be2759003cc802391f983887623db7
i386
cman-2.0.115-34.el5.i386.rpm SHA-256: 2a1a6b3e3bc274797220a58b69906c8db3853a1a5c94f2bc00b236a1506c1459
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e

Red Hat Enterprise Linux Workstation 5

SRPM
cman-2.0.115-34.el5.src.rpm SHA-256: 2927159670663062e32fbfae57c7f1a6db94e1971617ebc3fdee7fde77a12617
x86_64
cman-2.0.115-34.el5.x86_64.rpm SHA-256: 537c6475d17a82fd431168a14d3d968acb12cde4742fc58cfadb853c25bd0d0c
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e
cman-devel-2.0.115-34.el5.x86_64.rpm SHA-256: deb194e737bb86390a412e49c65c8ebcf23fbb8d6ab08bb47c051c231ccba49a
i386
cman-2.0.115-34.el5.i386.rpm SHA-256: 2a1a6b3e3bc274797220a58b69906c8db3853a1a5c94f2bc00b236a1506c1459
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e

Red Hat Enterprise Linux for Power, big endian 5

SRPM
cman-2.0.115-34.el5.src.rpm SHA-256: 2927159670663062e32fbfae57c7f1a6db94e1971617ebc3fdee7fde77a12617
ppc
cman-2.0.115-34.el5.ppc.rpm SHA-256: 0c3c244183d05267245efc4d092d1a2e2b7c9a80c6d8b8bff3bd9846b834c9cc
cman-devel-2.0.115-34.el5.ppc.rpm SHA-256: cca887dafe46de1b615f1275171756e9a46eedce2b85b34302b7236c93bac31f
cman-devel-2.0.115-34.el5.ppc64.rpm SHA-256: 4fc65451c505355e1d54ffdd3cf669f69003d5fc964edf3c9708e327491674ba

Red Hat Enterprise Linux Server from RHUI 5

SRPM
cman-2.0.115-34.el5.src.rpm SHA-256: 2927159670663062e32fbfae57c7f1a6db94e1971617ebc3fdee7fde77a12617
x86_64
cman-2.0.115-34.el5.x86_64.rpm SHA-256: 537c6475d17a82fd431168a14d3d968acb12cde4742fc58cfadb853c25bd0d0c
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e
cman-devel-2.0.115-34.el5.x86_64.rpm SHA-256: deb194e737bb86390a412e49c65c8ebcf23fbb8d6ab08bb47c051c231ccba49a
i386
cman-2.0.115-34.el5.i386.rpm SHA-256: 2a1a6b3e3bc274797220a58b69906c8db3853a1a5c94f2bc00b236a1506c1459
cman-devel-2.0.115-34.el5.i386.rpm SHA-256: 6f8d7cae96c9126b923f464a18d27fff03bd3750342073d38044fda146a5528e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.